ALSA-2026:0225: mariadb:10.3 security update (Important)
ALSA-2026:0232: mariadb:10.11 security update (Important)
ALSA-2026:0233: mariadb:10.5 security update (Important)
ALSA-2026:0136: mariadb10.11 security update (Important)
ALSA-2026:0247: mariadb:10.11 security update (Important)
ALSA-2026:0225: mariadb:10.3 security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2026-01-12
Summary:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
Security Fix(es):
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-0225.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:0232: mariadb:10.11 security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2026-01-12
Summary:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
Security Fix(es):
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-0232.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:0233: mariadb:10.5 security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2026-01-12
Summary:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
Security Fix(es):
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2026-0233.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:0136: mariadb10.11 security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 10
Type: Security
Severity: Important
Release date: 2026-01-12
Summary:
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities.
Security Fix(es):
* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
* mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
* mariadb: MariaDB Server Crash (CVE-2023-52971)
* mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
* mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/10/ALSA-2026-0136.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2026:0247: mariadb:10.11 security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2026-01-12
Summary:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
Security Fix(es):
* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
* mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
* mariadb: MariaDB Server Crash (CVE-2023-52971)
* mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
* mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2026-0247.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
